[afnog] BGP issues and strange traffic
Brice Abba
briceabba at hotmail.com
Thu Feb 25 04:56:57 UTC 2016
Remove DNS function from your router
Envoyé de mon iPad Air
> Le 24 févr. 2016 à 23:33, Folarin Oluwafemi <folarin077 at gmail.com> a écrit :
>
> Hello Group Members,
>
> I recently did BGP peering with my upstream provider and everything was fine until a few days
>
> time when i observe strange traffic from the interface of my WAN.
>
> What i saw using torch tool (network real-time monitor) on Mikrotik was traffic hitting my WAN
>
> interface from IP prefix from unknown locations hitting my router for DNS service that i can't
>
> explain..
>
> I disabled my LAN Public IP block of 196.13.111.0/24 and observed keenly the scenario and still
>
> observed high traffic coming in.
>
> Because of this act, i have not been able to enjoy good internet service from my provider.
>
>
> Any filtering mechanism that can be used or how this attack can be mitigated.
>
> Attached is the snapshot of what am refering to.
>
> ETHER 5 is the interface facing my ISP
>
> ETHER 3 is my LAN interface 196.13.111.0/24 disabled
>
> I need assistance from the group in helping out.
>
> Regards.
> --
> I am what God says I am
> <2016-02-20.png>
> <2016-02-21 (1).png>
> <2016-02-21.png>
> _______________________________________________
> afnog mailing list
> https://www.afnog.org/mailman/listinfo/afnog
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.afnog.org/pipermail/afnog/attachments/20160225/d05a6ee6/attachment.html>
-------------- next part --------------
_______________________________________________
afnog mailing list
https://www.afnog.org/mailman/listinfo/afnog
More information about the afnog
mailing list